Where would you check to see if the same user was trying to log on again, in
the LoginContext? I can check in the Session and see if a user is logged on
or not, but I can not check to see if it is the same user unless I keep the
userid and password in the session. I would like to do it in the
LoginContext and throw an Exception if it is the same user. The way it is
now, I get a LoginException from the LoginContainer if I try to log on
again, but I have no way of knowing if it is because the same user is logged
on or not.
public void login(LoginContext context) throws LoginException
{
...
if (subjects.containsKey(key))
throw new LoginException("Already logged in through
this context
").setLoginContext(context);
...
}
How would you suggest figuring out if it is the same user or not?
> -----Original Message-----
> From: Maurice Marrink [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, March 25, 2008 10:02 AM
> To: users@wicket.apache.org
> Subject: Re: Wicket-Security Back Button and Login more than once
>
>
> We also use a "screensaver" but it does not use the login routines,
> instead it just verifies the user input against the username and
> password from the loggedin user.
> Also you can a check on the loginpage to determine if there is already
> a logged in user, if there is and it is the same username you can skip
> logging in again.
>
> Maurice
>
> On Tue, Mar 25, 2008 at 5:41 PM, Warren
> <[EMAIL PROTECTED]> wrote:
> > How do you deal with the situation where a user uses the
> browser back button
> > and ends up on a login page and then trys to login again? In
> other words,
> > how do you allow a user to login more than once. I am also
> running into this
> > same situation when I manually throw a
> > RestartResponseAtInterceptPageException(Login.class) exception.
> >
> > I need a 5 minute screen saver type of time out and then the
> regular session
> > expired time out. The screen saver would require the user to
> login again and
> > the pick-up where they left off, but if a new user logged in it would
> > invalidate the previous users session and start the new user
> from the home
> > page. I wrote something that kind of works, but I keep running
> into little
> > problems with it.
> >
> > What would be the best way to do this?
> >
> > Thanks,
> >
> > Warren Bell
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
